Teredo Tunneling Pseudo-Interface and Panda Antivirus

Discussion in 'other anti-virus software' started by JoeBlack40, Mar 7, 2015.

  1. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    As the title says,could someone please explain to me what is this and why it appears only with Panda installed?It's a warning from TuneUp Utilities 2013...so,it's something wrong with TuneUp,with my system or with Panda Cloud?
    Thank you guys.
     

    Attached Files:

    Last edited: Mar 7, 2015
  2. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    665
    From what I just read is..

    "In computer networking, Teredo is a transition technology that gives full IPv6 connectivity for IPv6-capable hosts which are on the IPv4 Internet" http://en.wikipedia.org/wiki/Teredo_tunneling
    Seems related to the NIC"
     
  3. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    Thank you Infected and thank you Wikipedia...I am safe or not?And most important,why is Panda related?
     
  4. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
  5. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  6. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I block IPv6 at the router, it's disabled on machines, tunnel services killed, and tunnels manually disabled via CLI. I am IPv6 certified transition engineer, and I won't touch it for a variety of reasons. Everyone else can, and I help in transitions, but personally? Forget it. I value my NAT anonymity (RTC not withstanding).
     
  7. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    665
    You can just disable IPv6 in adapter settings.
     
  8. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Tunnel still runs if you disable it in adapter settings. Adapter is IPv6 Core. Tunneling is IPv6 tunneled through a IPv4 facade. You'll still get tunneled if you don't take the proper precautions.
     
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    This is correct. Teredo tunnel actual connects via IPv4 UDP.

    Again, this is all noted in the sourcedaddy link I posted above. Since it appears this is not being referenced, I will copy part of it.

    You cannot uninstall IPv6 in Windows 7, but you can disable IPv6 on a per-adapter basis. To do this, follow these steps:

    In Control Panel, open Network And Sharing Center.

    1. Click Manage Network Connections and then double-click the connection you want to configure.
    2. Clear the check box labeled Internet Protocol Version 6 (TCP/IPv6), and then click OK.


    Note that if you disable IPv6 on all your network connections using the user interface method described in the preceding steps, IPv6 will still remain enabled on all tunnel interfaces and on the loopback interface.

    Either use nbstat to disable each interface:

    netsh interface teredo set state disabled
    netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
    netsh interface ipv6 isatap set state state=disabled


    Or, do the below registry mod:

    As an alternative to using the user interface to disable IPv6 on a per-adapter basis, you can selectively disable certain features of IPv6 by creating and configuring the following DWORD registry value:
    HKLM\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters\DisabledComponents


    Table-7 describes the flag values that control each IPv6 feature. By combining these flag values together into a bitmask, you can disable more than one feature at once. (By default, DisabledComponents has the value 0.)

    Table-7 Bitmask Values for Disabling IPv6 Features in Windows 7

    Flag Low-Order Bit Result of Setting this Bit to a Value of 1

    0 Disables all IPv6 tunnel interfaces, including ISATAP, 6to4, and Teredo tunnels
    1 Disables all 6to4-based interfaces
    2 Disables all ISATAP-based interfaces
    3 Disables all Teredo-based interfaces
    4 Disables IPv6 over all non-tunnel interfaces, including LAN and PPP interfaces
    5 Modifies the default prefix policy table* to prefer IPv4 over IPv6 when attempting connections
     
  10. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    Thank you again to all of you guys for your detailed replies.I think i will change Panda with my good ol' Avast back...
     
  11. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    How do you know it has to do with Panda?
     
  12. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    As I said in my first post,this warning appears ONLY when it's Panda installed on my laptop.It NEVER occurs with or without any other AV,and believe me,i tried all of them.
     
  13. aaa839

    aaa839 Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    244
    Location:
    Hong Kong
    What is the main reason of we should not enable the Teredo IPv6 tunnel?
    Does it have any important security risk?
    and what happen if I disable the tunnel as well as IPv6 to 4
     
    Last edited: Mar 8, 2015
  14. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    See these links:

    http://www.symantec.com/connect/blo...work-security-and-other-security-implications

    http://blog.trendmicro.com/trendlab...ls-good-for-adoption-not-so-hot-for-security/

    http://www.techrepublic.com/blog/it-security/ipv6-oops-its-on-by-default/

    http://www.admin-magazine.com/Articles/Neglected-IPv6-Features - this is a detailed technical article on IPv6.

    Disabling the tunnels have zero impact on your PC. They were designed as "transitioning" technology to allow IPv6 activity over existing IPv4 networks. If you have a IPv6 router, you don't need them anyway.

    Also it has been my observation that when the tunnels are enabled, Windows will use them to transmit data to Microsoft such as Application Experience uploads and the like. I like my IP connections with anyone to be always visible and traceable.

    Finally, very few firewalls other than the Win 7/8 firewall properly handle tunnel traffic properly and have specific rules to do so.
     
  16. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Firewalls not handling IPv6 is a major issue, often they put them in allow/allow, which itself is a bad move.

    An interesting thing happened when some sites started to accept IPv6 connections way back when.. They were planning on seeing 'nothing' for a long time. Then suddenly they were flooded, and realized it was because of the tunneling going on in Windows, millions of hits! I consider IPv6 tunneling a backdoor on my systems, and disable it.. itman is correct in that Microsoft Customer Experience has been known to 'tunnel', which is another reason I turn it off.
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,066
  18. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
Loading...